WhoWorked

API Keys

Create and manage API keys for authenticating with the WhoWorked API.

All API requests require authentication via a Bearer token. API keys are scoped to a single workspace.

Creating an API key

  1. Open the WhoWorked app.
  2. Navigate to SettingsAPI Keys.
  3. Click Create API Key.
  4. Choose a name and select the scopes your integration needs.
  5. Copy the key immediately — it won't be shown again.

Using your API key

Include the key in the Authorization header:

curl https://api.whoworked.com/v1/projects \
  -H "Authorization: Bearer ww_sk_..."

Key format

API keys use the prefix ww_sk_ followed by a random string. If you see a key without this prefix, it may be from an older version — regenerate it.

Revoking keys

You can revoke a key at any time from SettingsAPI Keys. Revoked keys immediately stop working. There is no undo.

Rate limits

API keys are subject to rate limiting. Current limits:

  • 100 requests per minute per key.
  • Exceeding the limit returns 429 Too Many Requests.

Include a short delay between bulk operations, or use the batch endpoints where available.

On this page